For Jailbreak Users: How To Fix Spectre Vulnerability In iOS 11.1.2 And Below Using SpectrePatch
Apple has officially released iOS 11.2.2 for all compatible iPhone, iPad, and iPod touch hardware, complete with security improvements put in place to mitigate the effects of Spectre through Safari and Webkit.
Hardcore jailbreakers, who simply cannot move away from iOS 11.1.2 or below, will obviously miss out on this important security update, which is why Ryley Angus has created SpectrePatch for jailbroken devices.
It’s probably worth noting that for anyone who doesn’t particularly care about a jailbreak that Apple has officially released iOS 11.2.2 as an over-the-air update or IPSW download to counteract the Spectre issue. An immediate and official installation of this important security update will mitigate. However, that doesn’t help those with one-eye firmly fixed on being jailbroken.
This tiny little patch installed, which is called SpectrePatch and is available through the repository details highlighted below, will essentially look to stop any Spectre-type attacks on iOS. When installed, the developer states that the package is loaded “into all WebKitContent process by default, as well as all apps” meaning that it will protect instantly. However, there is a stipulation that SpectrePatch will “not prevent native code Spectre attacks.”
For anyone who is running a jailbroken device, who is concerned about the potential exploitation of that device due to the Spectre exploit potential, then SpectrePatch is available directly from the developer’s own personal Cydia repository. Jailbroken users can add https://ryleyangus.com/repo/ as a source to Cydia, refresh the packages, and download the SpectrePatch directly to the device.
Ryley Angus, the developer, has also uploaded the raw code of his small package here for those who want to view exactly what’s going on or who would prefer to compile it themselves.